Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

5.1 Security Considerations for Implementers

Running MSCHAPv2 as an EAP method has the same security considerations as running it without EAP.

Using the terminology of the Extensible Authentication Protocol (EAP) (see [RFC3748] section 7.2.1), the security claims of this specification are shown in the following table.

Authentication mechanism

Password

CipherSuite negotiation

No

Mutual authentication

Yes

Integrity protection

Yes

Replay protection

Yes

Confidentiality

No

Key derivation

Yes

Key strength

Depends on password policy.

Dictionary attack protection

No

Fast reconnect

No

Cryptographic binding

N/A

Session independence

Depends on password policy.

Fragmentation

No

Channel binding

No

 
Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft. All rights reserved.